TPS-5556

Info	Value
Patch Name	Patch20231124TPS-5556_v2-8.0.1
Release Date	2023-11-24
Target Versions	8.0.1
Product affected	Talend Data Preparation

Introduction

This patch is cumulative. It includes all previous generally available patches for Talend Data Preparation 8.0.1

NOTE: For information on how to obtain this patch, reach out to your Support contact at Talend.

Fixed issues

TDP-12494 : Set up proxy for httpclient
TDP-12587 : Minio password is not encrypted
TDI-50284 : Proxy for TCOMPv0 connectivity in TDP

Security

TDP-12564 : Bump spring-security-config
TDP-12475 : Bump Guava
TDP-12572 : [TCOMP] tComp/tdp CVEs
TDP-12603 : Bump Word wrap
TDP-12220 : Bump node-fetch library
TDP-12581 : Bump SnakeYAML
TDP-12582 : [TCOMP] Bump Netty
TDP-12584 : [TCOMP] Bump Apache Ivy

CVEs detail

CVE-2023-34034 : Using "**" as a pattern in Spring Security configuration for WebFlux creates a mismatch in pattern matching between Spring Security and Spring WebFlux, and the potential for a security bypass.
CVE-2020-8908 : guava is vulnerable to Information Disclosure. A folder with insecure permissions is created by the function com.google.common.io.Files.createTempDir. A local user will be able to steal secrets stored in this directory
CVE-2023-2976 : Use of Java's default temporary directory for file creation in FileBackedOutputStream in Google Guava versions 1.0 to 31.1 on Unix systems and Android Ice Cream Sandwich allows other users and apps on the machine with access to the default Java temporary directory to be able to access the files created by the class. Even though the security vulnerability is fixed in version 32.0.0, we recommend using version 32.0.1 as version 32.0.0 breaks some functionality under Windows.
CVE-2023-34455 : snappy-java is vulnerable to Denial Of Service (DoS). The vulnerability exists because the hasNextChunk function of SnappyInputStream.java does not properly check for negative chunk sizes and huge positive values such as 0x7FFFFFFF, which leads to java.lang.NegativeArraySizeException and java.lang.OutOfMemoryError exceptions, allowing an attacker to cause an application crash.
CVE-2023-34454 : snappy-java is vulnerable to Integer Overflow. The vulnerability exists because the compress function receives an array of characters and multiplies the value by two, and passes it to the rawCompress function of Snappy.java which does not properly check the length and causes an integer overflow, or the value becomes negative which leads to java.lang.NegativeArraySizeException exception if the size is too small to use for the compression, causing a fatal Access Violation error, allowing an attacker to crash the application.
CVE-2023-20861 : Spring Framework is vulnerable to Denial of Service (DoS). The vulnerability is due to a lack of max repeated words and max number of character logic in the Spring Expression Language parser located in the getValueInternal function of OpMultiply and the getValueInternal function in OperatorMatches, which can trigger an infinite loop and consume excessive CPU memory, possibly leading to a system crash.
CVE-2023-26115 : word-wrap is vulnerable to Regular Expression Denial Of Service (ReDoS). The vulnerability exists due to the usage of an regular expression with inefficient time complexity, resulting in long parsing times.
CVE-2022-0235 : node-fetch is vulnerable to information disclosure. The vulnerability exists due to the cookie header being leaked to third party site which allows an attacker to gain access to sensitive information.
CVE-2022-1471 : SnakeYaml's Constructor() class does not restrict types which can be instantiated during deserialization. Deserializing yaml content provided by an attacker can lead to remote code execution. We recommend using SnakeYaml's SafeConsturctor when parsing untrusted content to restrict deserialization. We recommend upgrading to version 2.0 and beyond.
CVE-2023-33546 : org.codehaus.janino:janino is vulnerable to Denial of Service (DoS) attacks. The vulnerability is due to the guessParameterNames method caused to an uncaught stack overflow exception, which can be triggered by user input with deeply nested structures causing the application to crash.
CVE-2023-33008 : johnzon-mapper is vulnerable to Denial Of Service (DoS). The vulnerability exists because it does not validate JSON user input for large numbers, which allows an attacker to inject a large number which will then be parsed by BigDecimal, resulting in Denial of Service.
CVE-2023-34462 : io.netty:netty-handler is vulnerable to Denial of Service (DoS) attacks. During TLS handshakes, the SniHandler class can allocate up to 16MB of heap for each channel. The SniHandler is used to establish a TCP server when the handler or channel has no idle timeout. In order to configure an SSL handler using the server name from the ClientHello record, it waits for the TLS handshake. There are no checks to ensure the handshake packet is larger then the data packet, therefore it is possible to create a packet that triggers the "SslClientHelloHandler", which could be used to cause denial of service through memory exhaustion if there is no idle timeout set.
CVE-2019-20444 : HttpObjectDecoder.java in Netty before 4.1.44 allows an HTTP header that lacks a colon, which might be interpreted as a separate header with an incorrect syntax, or might be interpreted as an "invalid fold."
CVE-2019-20445 : HttpObjectDecoder.java in Netty before 4.1.44 allows a Content-Length header to be accompanied by a second Content-Length header, or by a Transfer-Encoding header.
CVE-2022-46751 : org.apache.ivy:ivy is vulnerable to XML Injection. The vulnerability exists due to improper external DTD XML restrictions. An attacker is able to exploit this vulnerability by parsing a specially crafted XML file, which allows the attacker to access sensitive information, such as passwords or other confidential data.

Previous patches

TPS-5515 [8.0.1] Issue for Data Prep cluster in hybrid mode + load balancer (TDP-10790)
TPS-5509 [8.0.1] Hybrid Data Prep crashes on safari and firefox browser (TDP-12045)
TPS-5439 [8.0.1] Hybrid data prep logs customer out while creating datasets (TDP-11605)
TPS-5166 [8.0.1] TDP R2022-04 Spring4Shell & Error when searching with hebrew characters (TPGOV-1051)

Prerequisites

Consider the following requirements for your system:

Talend Data Preparation 8.0.1 must be installed.

Installation

From your Talend Data Preparation installation directory (such as Talend-DataPreparation-Server-full-8.0.1):

Stop the Data Preparation server and Tcomp server:

# Unix
./stop.sh
# Windows
stop.bat

cd services/tcomp/
# Unix
./stop.sh
# Windows
stop.bat

Backup the /lib and /data and /services folders
Backup your data (Data Prep Mongo database)

Installing the patch

From your Talend Data Preparation installation directory (such as Talend-DataPreparation-Server-full-8.0.1):

remove existing libraries:
```
rm lib/*.jar
```
```
rm -R services/tcomp
```

unzip the path file with the command below:

unzip Patch_20231124_TPS-5556_v2-8.0.1.zip

Copy files from the patch into your Data preparation installation

cp Patch_20231124_TPS-5556_v2-8.0.1/lib/*.jar lib/

unzip Patch_20231124_TPS-5556_v2-8.0.1/services/components-api-service-rest-all-components-0.28.31-tdp.zip -d services/ && mv services/components-api-service-rest-all-components-0.28.31 services/tcomp

Copy sh/bat files

cp Patch_20231124_TPS-5556_v2-8.0.1/*.sh .
cp Patch_20231124_TPS-5556_v2-8.0.1/*.bat .

If Coming from a 8.0.1 version equals to 8.0.1-R2023-11 or before, please follow instructions below :

Backup the dataprep/config/application.properties file

Edit the file and update properties :

Classic mode :

Remove all these properties

 # Service documentation
 service.documentation=true
 service.documentation.name=Talend Data Preparation - API
 service.documentation.description=This service exposes high level services that may involve services orchestration.
 service.paths=api
 springfox.documentation.swagger.v2.host=${public.ip}:${server.port}${gateway-api.service.path}
 springfox.resources.prefix.url=${gateway-api.service.path}
 # see https://github.com/springfox/springfox/issues/2265
 logging.level.io.swagger.models.parameters.AbstractSerializableParameter=error

 security.basic.enabled=false
 security.oidc.client.expectedIssuer=${iam.uri}/oidc
 iam.license.url=${iam.uri}/oidc/api
 security.oidc.client.keyUri=${iam.uri}/oidc/jwk/keys
 security.oauth2.client.clientId=&lt;security client id>
 security.oauth2.client.clientSecret=&lt;security client secret>
 security.oidc.client.claimIssueAtTolerance=120
 # security.oauth2.resource.serviceId=${PREFIX:}resource
 security.oauth2.resource.tokenInfoUri=${iam.uri}/oidc/oauth2/introspect
 security.oauth2.resource.uri=/v2/api-docs,/api/**,/folders/**,/datasets/**,/dataset/**,/preparations/**,/transform/**,/version/**,/acl/**,/apply/**,/export,/export/**,/aggregate,/sampling/**,/receivers/**,/error,/datastores/**,/preparation/**,/actions/**,/suggest/**,/dictionary/**,/transformation/preparations/**,/transformation/v2/**,/sharing/**
 security.oauth2.resource.filter-order=3
 security.scim.enabled=true

 security.oauth2.client.access-token-uri=${iam.uri}/oidc/oauth2/token
 security.oauth2.client.scope=openid refreshToken
 security.oauth2.client.user-authorization-uri=${iam.uri}/oidc/idp/authorize
 security.oauth2.sso.login-use-forward=false

 security.oauth2.resource.tokenInfoUriCache.enabled=true

 # FIXME: temporary fix related to dataquality-semantic-consumer version = 11.2.0
 # FIXME: that will need to be removed as soon as we bump to spring boot 2.7 and bump dq library at the same time
 spring.cloud.stream.binders.kafka-binder-consumer.environment.spring.cloud.stream.kafka.binder.brokers=${spring.cloud.stream.kafka.binder.brokers}

 # Zuul properties
 gateway-api.service.url=http://${public.ip}:${server.port}
 zuul.servletPath=/gateway/upload

 zuul.routes.dq.path=/gateway/dq/semanticservice/**
 zuul.routes.dq.sensitiveHeaders=${zuul.sensitiveHeaders}
 zuul.routes.dq.url=${dataquality.server.url}/
 proxy.auth.routes.dq=oauth2

 zuul.routes.me.path=/gateway/api/v1/scim/me/**
 zuul.routes.me.url=${iam.scim.url}/Me
 proxy.auth.routes.me=oauth2

 zuul.routes.pendo.path=/gateway/api/iam-server/pendo/**
 zuul.routes.pendo.url=${iam.scim.url}/pendo
 proxy.auth.routes.pendo=oauth2

 zuul.routes.sharingset.path=/gateway/api/v1/sharingset/**
 zuul.routes.sharingset.sensitiveHeaders=${zuul.sensitiveHeaders}
 zuul.routes.sharingset.url=http://${public.ip}:${server.port}/sharing/v1/sharingset
 proxy.auth.routes.sharingset=oauth2

 zuul.routes.sharing.path=/gateway/api/v1/sharing/**
 zuul.routes.sharing.sensitiveHeaders=${zuul.sensitiveHeaders}
 zuul.routes.sharing.url=http://${public.ip}:${server.port}/sharing/v1/sharing
 proxy.auth.routes.sharing=oauth2

 zuul.routes.sharings.path=/gateway/api/v1/sharings/**
 zuul.routes.sharings.sensitiveHeaders=${zuul.sensitiveHeaders}
 zuul.routes.sharings.url=http://${public.ip}:${server.port}/sharing/v1/sharings
 proxy.auth.routes.sharings=oauth2

 zuul.routes.api.path=/gateway/api/**
 zuul.routes.api.sensitiveHeaders=${zuul.sensitiveHeaders}
 zuul.routes.api.url=http://${public.ip}:${server.port}/api
 proxy.auth.routes.api=oauth2

 spring.cloud.gateway.mvc.routes[0].id=api
 spring.cloud.gateway.mvc.routes[0].uri=http://${public.ip}:${server.port}
 spring.cloud.gateway.mvc.routes[0].predicates[0]=Path=/gateway/api/**
 spring.cloud.gateway.mvc.routes[0].filters[0]=RewritePath=/gateway/api/(?<segment>.*), /api/$\{segment}

 zuul.routes.upload.path=/api/upload/**
 zuul.routes.upload.sensitiveHeaders=${zuul.sensitiveHeaders}
 zuul.routes.upload.url=http://${public.ip}:${server.port}/api
 proxy.auth.routes.upload=oauth2

 zuul.routes.swagger1.path=/gateway/v3/api-docs/**
 zuul.routes.swagger1.sensitiveHeaders=${zuul.sensitiveHeaders}
 zuul.routes.swagger1.url=http://${public.ip}:${server.port}/v3/api-docs
 proxy.auth.routes.swagger1=oauth2

 zuul.ignoredPatterns=/login,/logout,/signOut,/signIn
 zuul.sensitiveHeaders=Cookie,Set-Cookie
 zuul.host.socket-timeout-millis=300000
 zuul.host.connect-timeout-millis=5000

Add all these properties

  # Service documentation
  springdoc.server.url=${gateway-api.service.path}
  springdoc.swagger-ui.path=/swagger-ui/
  springdoc.swagger-ui.disable-swagger-default-url=true
  springdoc.swagger-ui.docExpansion=none
  springdoc.swagger-ui.operationsSorter=alpha
  springdoc.swagger-ui.tagsSorter=alpha

  springdoc.swagger-ui.urls[0].name=semanticservice
  springdoc.swagger-ui.urls[0].display-name=Talend Data Preparation - Semantic Service
  springdoc.swagger-ui.urls[0].url=${gateway-api.service.path}/dq/semanticservice/api-docs

  # Auth0 issuer uri  - Used only for daikon configuration
  spring.security.oauth2.resourceserver.auth0.jwt.issuer-uri=https://talend.auth0.com/
  # IAM authentication validation
  spring.security.oauth2.resourceserver.iam.jwt.jwk-set-uri=${iam.uri}/oidc/jwk/keys
  spring.security.oauth2.resourceserver.iam.opaque-token.introspection-uri=${iam.uri}/oidc/oauth2/introspect
  spring.security.oauth2.resourceserver.iam.opaque-token.query-entitlements=true

  # IAM authorization code flow
  spring.security.oauth2.client.registration.oidc.clientId=&lt;security client id>
  spring.security.oauth2.client.registration.oidc.clientSecret=&lt;security client secret>
  spring.security.oauth2.client.registration.oidc.authorization-grant-type=authorization_code
  spring.security.oauth2.client.registration.oidc.scope=openid,refreshToken
  spring.security.oauth2.client.registration.oidc.redirectUri=http://${public.ip}:${server.port}/signIn
  spring.security.oauth2.client.registration.oidc.provider=oidc

  spring.security.oauth2.client.provider.oidc.authorization-uri=${iam.uri}/oidc/idp/authorize
  spring.security.oauth2.client.provider.oidc.token-uri=${iam.uri}/oidc/oauth2/token
  spring.security.oauth2.client.provider.oidc.jwk-set-uri=${iam.uri}/oidc/jwk/keys

  # Kafka configuration
  spring.cloud.function.definition=internalMessage;internalMessageDatasetModule;tsdEventConsumer;tsdSemanticCacheUpdate

  spring.cloud.gateway.mvc.http-client.connect-timeout=5000

replace clientId and clientSecret in new properties (get them from backup file)

Hybrid mode

Execute all steps from Classic mode

Remove these properties

  ## Enable JWT needed in hybrid mode:
  security.oauth2.resource.jwt.key-uri=${iam.uri}/oidc/jwk/keys
  ## Redefine security scope by adding entitlements for hybrid
  security.oauth2.client.scope=openid refreshToken entitlements

Add scope entitlements to this property spring.security.oauth2.client.registration.oidc.scope

  spring.security.oauth2.client.registration.oidc.scope=openid,refreshToken,entitlements

If Coming from a 8.0.1 version before 8.0.1-R2023-06, or if the following properties are absent from your application.properties file, please add them to the corresponding file: Edit file dataprep/config/application.properties and paste needed properties
To activate session management when working with 2 or more instances of TDP, use the following configuration in your application.properties file Edit file dataprep/config/application.properties and paste needed properties
```
server.session.timeout=1800
spring.session.store-type=MONGODB
spring.session.timeout=1800
spring.session.mongodb.collection-name=tdp_sessions
```
If you want to use Data Preparation behind a proxy, please follow instructions through the documentation :

Prerequisites : Install a socks proxy on your OS (example for Linux : Dante)
Windows -> https://help.talend.com/r/en-US/Cloud/hybrid-installation-guide-windows/configuring-talend-data-preparation-to-use-proxy-server
Linux -> https://help.talend.com/r/en-US/Cloud/hybrid-installation-guide-linux/configuring-talend-data-preparation-to-use-proxy-server

Restart the Data Preparation server and Tcomp server:

# Unix
./start.sh
# Windows
start.bat

cd services/tcomp/
# Unix
./start.sh
# Windows
start.bat

Uninstallation

From your Talend Data Preparation installation directory (such as Talend-DataPreparation-Server-full-8.0.1):

Stop the Data Preparation server and Tcomp server
Restore your mongo database backup and the backup /lib and /data and services folders into your Talend Data Preparation installation directory.
Restart the Data Preparation server and Tcomp server

Affected files for this patch

From services, you have the new Tcomp application with components-api-service-rest-all-components-0.28.31-tdp.zip.

From lib, the following files are installed by this patch:

accessors-smart-2.4.9.jar
affinity-3.21ea5.jar
android-json-0.0.20131108.vaadin1.jar
annotations-19.0.0.jar
antlr4-runtime-4.9.2.jar
apache-mime4j-core-0.8.4.jar
apache-mime4j-dom-0.8.4.jar
apiguardian-api-1.1.2.jar
archaius-core-0.7.7.jar
asm-5.0.4.jar
aspectjrt-1.9.7.jar
aspectjweaver-1.9.7.jar
assertj-core-3.22.0.jar
audit-common-6.8.9.jar
audit-kafka-6.8.9.jar
audit-log4j1-6.8.9.jar
audit-log4j2-6.8.9.jar
audit-logback-6.8.9.jar
automaton-1.12-1.jar
avro-1.10.2.jar
aws-java-sdk-core-1.12.395.jar
aws-java-sdk-kms-1.12.395.jar
aws-java-sdk-s3-1.12.395.jar
aws-java-sdk-sts-1.12.395.jar
backport-util-concurrent-3.1.jar
bcmail-jdk15on-1.70.jar
bcpkix-jdk15on-1.70.jar
bcprov-jdk15on-1.69.jar
bcutil-jdk15on-1.70.jar
boilerpipe-1.1.0.jar
brave-5.13.9.jar
brave-context-slf4j-5.13.9.jar
brave-instrumentation-http-5.13.9.jar
brave-instrumentation-httpasyncclient-5.13.9.jar
brave-instrumentation-httpclient-5.13.9.jar
brave-instrumentation-jms-5.13.9.jar
brave-instrumentation-kafka-clients-5.13.9.jar
brave-instrumentation-kafka-streams-5.13.9.jar
brave-instrumentation-messaging-5.13.9.jar
brave-instrumentation-mongodb-5.13.9.jar
brave-instrumentation-rpc-5.13.9.jar
brave-instrumentation-spring-rabbit-5.13.9.jar
brave-propagation-aws-0.21.3.jar
bson-4.6.1.jar
bson-record-codec-4.6.1.jar
byte-buddy-1.12.23.jar
byte-buddy-agent-1.12.23.jar
cache-api-1.1.1.jar
caffeine-2.9.3.jar
carrier-1.164.jar
checker-qual-3.19.0.jar
chronicle-algorithms-2.22ea1.jar
chronicle-analytics-2.21ea0.jar
chronicle-bytes-2.22ea1.jar
chronicle-core-2.22ea3.jar
chronicle-map-3.22ea2.jar
chronicle-threads-2.22ea1.jar
chronicle-values-2.22ea1.jar
chronicle-wire-2.22ea1.jar
classgraph-4.8.83.jar
classmate-1.5.1.jar
cloud-storage-core-2.3.jar
common-connector-11.2.0.jar
commons-beanutils-1.9.4.jar
commons-codec-1.15.jar
commons-collections-3.2.2.jar
commons-collections4-4.4.jar
commons-compress-1.21.jar
commons-configuration-1.8.jar
commons-configuration2-2.8.0.jar
commons-csv-1.3.jar
commons-digester-1.8.1.jar
commons-exec-1.3.jar
commons-io-2.8.0.jar
commons-lang-2.6.jar
commons-lang3-3.12.0.jar
commons-logging-1.2.jar
commons-math3-3.6.1.jar
commons-pool-1.6.jar
commons-text-1.10.0.jar
commons-validator-1.6.jar
compiler-2.21ea1.jar
component-form-model-1.1.18.jar
config-client-2.9.7.jar
config-common-2.9.7.jar
connector-starter-11.2.0.jar
content-service-common-6.8.9.jar
content-service-journal-6.8.9.jar
content-service-journal-mongo-6.8.9.jar
crypto-utils-6.8.9.jar
curvesapi-1.07.jar
daikon-6.8.9.jar
daikon-audit-6.8.9.jar
daikon-exception-6.8.9.jar
daikon-spring-auth-common-6.8.9.jar
daikon-spring-metrics-6.8.9.jar
daikon-spring-mongo-6.8.9.jar
daikon-spring-security-6.8.9.jar
daikon-spring-tenancy-6.8.9.jar
daikon-spring-zipkin-2.0.7.jar
daikon-tql-bean-6.8.9.jar
daikon-tql-core-6.8.9.jar
daikon-tql-mongo-6.8.9.jar
dataprep-3rdparty-tableau-3.22.19.jar
dataprep-annotation-processing-5.14.3.jar
dataprep-app-common-3.22.19.jar
dataprep-core-5.14.3.jar
dataprep-core-actions-5.14.3.jar
dataprep-core-actions-locales-4.6.0-20210610151330150.jar
dataprep-ee-acl-model-3.22.19.jar
dataprep-ee-acl-service-3.22.19.jar
dataprep-ee-api-3.22.19-lib.jar
dataprep-ee-async-api-3.22.19.jar
dataprep-ee-async-runtime-3.22.19.jar
dataprep-ee-avro-message-3.22.19.jar
dataprep-ee-backend-service-3.22.19.jar
dataprep-ee-backend-util-3.22.19.jar
dataprep-ee-cache-3.22.19.jar
dataprep-ee-config-client-3.22.19.jar
dataprep-ee-conversion-3.22.19.jar
dataprep-ee-dataset-3.22.19-lib.jar
dataprep-ee-dataset-adapter-3.22.19.jar
dataprep-ee-dataset-dispatcher-3.22.19-lib.jar
dataprep-ee-encryption-3.22.19.jar
dataprep-ee-exception-3.22.19.jar
dataprep-ee-feature-flipping-legacy-3.22.19.jar
dataprep-ee-fullrun-3.22.19-lib.jar
dataprep-ee-gateway-zuul-3.22.19-lib.jar
dataprep-ee-i18n-3.22.19.jar
dataprep-ee-i18n-locales-3.28.0-20210611150909545.jar
dataprep-ee-inventory-client-3.22.19.jar
dataprep-ee-inventory-model-3.22.19.jar
dataprep-ee-kafka-listener-3.22.19.jar
dataprep-ee-maintenance-3.22.19-lib.jar
dataprep-ee-preparation-3.22.19-lib.jar
dataprep-ee-reactive-3.22.19.jar
dataprep-ee-s3-3.22.19.jar
dataprep-ee-security-3.22.19.jar
dataprep-ee-sharing-client-3.22.19.jar
dataprep-ee-sharing-legacy-3.22.19.jar
dataprep-ee-sharing-model-3.22.19.jar
dataprep-ee-sharing-service-3.22.19.jar
dataprep-ee-swagger-3.22.19.jar
dataprep-ee-tpd-communication-3.22.19.jar
dataprep-ee-transformation-3.22.19-lib.jar
dataprep-ee-upgrade-3.22.19-lib.jar
dataprep-ee-upgrade-common-3.22.19.jar
dataprep-ee-webapp-3.22.19-dist.jar
dataquality-common-9.1.14.jar
dataquality-converters-9.1.0.jar
dataquality-datamasking-9.3.20.jar
dataquality-ee-statistics-9.3.20.jar
dataquality-magicfill-9.3.20.jar
dataquality-parsing-9.3.20.jar
dataquality-parsing-fullname-9.3.20.jar
dataquality-phone-9.1.14.jar
dataquality-record-linkage-9.1.14.jar
dataquality-semantic-9.3.20.jar
dataquality-semantic-message-avro-11.2.0.jar
dataquality-semantic-model-9.3.4.jar
dataquality-semantic-producer-model-11.2.0.jar
dataquality-statistics-9.1.0.jar
dd-plist-1.23.jar
dec-0.1.2.jar
dictionary-provider-11.2.0.jar
dictionary-provider-facade-11.2.0.jar
disruptor-3.2.0.jar
ecs-logging-core-1.0.1.jar
ehcache-3.10.8.jar
errorproneannotations-2.10.0.jar
failureaccess-1.0.1.jar
fastutil-6.5.7.jar
fontbox-2.0.26.jar
format-preserving-encryption-1.0.0.jar
generex-1.0.2.jar
geocoder-2.174.jar
geronimo-jsonb1.0spec-1.4.jar
geronimo-json1.1spec-1.5.jar
guava-32.0.1-jre.jar
hamcrest-2.2.jar
HdrHistogram-2.1.12.jar
hibernate-validator-6.2.5.Final.jar
httpclient-4.5.14.jar
httpcore-4.4.16.jar
hystrix-core-1.5.18.jar
hystrix-javanica-1.5.18.jar
hystrix-metrics-event-stream-1.5.18.jar
hystrix-serialization-1.5.18.jar
hystrix-utils-6.0.0.jar
icu4j-4.6.jar
indriya-2.1.2.jar
ion-java-1.0.2.jar
istack-commons-runtime-3.0.12.jar
j2objc-annotations-2.8.jar
jackcess-4.0.1.jar
jackcess-encrypt-4.0.1.jar
jackson-annotations-2.13.5.jar
jackson-core-2.13.5.jar
jackson-databind-2.13.5.jar
jackson-databind-nullable-0.2.1.jar
jackson-dataformat-cbor-2.13.5.jar
jackson-datatype-jdk8-2.13.5.jar
jackson-datatype-jsr310-2.13.5.jar
jackson-module-afterburner-2.13.5.jar
jackson-module-parameter-names-2.13.5.jar
jai-imageio-core-1.4.0.jar
jakarta.activation-1.2.2.jar
jakarta.annotation-api-1.3.5.jar
jakarta.validation-api-2.0.2.jar
jakarta.xml.bind-api-2.3.3.jar
java-cup-10k.jar
java-jwt-3.8.1.jar
java-libpst-0.9.3.jar
java-semver-0.9.0.jar
javapoet-1.13.0.jar
javassist-3.28.0-GA.jar
javax.activation-api-1.2.0.jar
javax.annotation-api-1.3.2.jar
javax.inject-1.jar
javax.servlet-api-4.0.1.jar
jaxb-api-2.3.1.jar
jaxb-runtime-2.3.8.jar
jbig2-imageio-3.0.4.jar
jboss-logging-3.4.3.Final.jar
jcl-over-slf4j-1.7.36.jar
jcrfsuite-0.6.1.jar
jdom2-2.0.6.1.jar
jempbox-1.8.16.jar
jersey-apache-client4-1.19.1.jar
jersey-client-1.19.1.jar
jersey-core-1.19.1.jar
jhighlight-1.1.0.jar
jmatio-1.5.jar
jmespath-java-1.12.395.jar
jna-4.0.0.jar
jna-platform-5.8.0.jar
joda-time-2.8.1.jar
johnzon-core-1.2.20.jar
johnzon-jsonb-1.2.20.jar
johnzon-mapper-1.2.20.jar
json-io-4.13.1-TALEND.jar
json-path-2.7.0.jar
json-smart-2.4.10.jar
jsonassert-1.5.1.jar
jsr305-3.0.2.jar
jsr311-api-1.1.1.jar
jul-to-slf4j-1.7.36.jar
junit-jupiter-5.8.2.jar
junit-jupiter-api-5.8.2.jar
junit-jupiter-engine-5.8.2.jar
junit-jupiter-params-5.8.2.jar
junit-platform-commons-1.8.2.jar
junit-platform-engine-1.8.2.jar
juniversalchardet-1.0.3.jar
junrar-7.5.2.jar
jwarc-0.18.1.jar
kafka-clients-3.4.0.jar
kotlin-stdlib-1.6.21.jar
kotlin-stdlib-common-1.6.21.jar
kotlin-stdlib-jdk7-1.6.21.jar
kotlin-stdlib-jdk8-1.6.21.jar
LatencyUtils-2.0.3.jar
lettuce-core-6.1.10.RELEASE.jar
libphonenumber-8.12.38.jar
listenablefuture-9999.0-empty-to-avoid-conflict-with-guava.jar
local-content-service-6.8.9.jar
log4j-api-2.17.2.jar
log4j-to-slf4j-2.17.2.jar
logback-classic-1.2.12.jar
logback-core-1.2.12.jar
logging-event-layout-6.8.9.jar
lucene-analyzers-common-8.3.1.jar
lucene-core-8.3.1.jar
lucene-suggest-8.3.1.jar
lz4-java-1.8.0.jar
mapstruct-1.3.1.Final.jar
mapstruct-processor-1.4.2.Final.jar
maven-artifact-3.5.3.jar
maven-builder-support-3.5.3.jar
maven-connector-11.2.0.jar
maven-model-3.5.3.jar
maven-model-builder-3.5.3.jar
maven-repository-metadata-3.5.3.jar
maven-resolver-api-1.7.3.jar
maven-resolver-connector-basic-1.7.3.jar
maven-resolver-impl-1.7.3.jar
maven-resolver-named-locks-1.7.3.jar
maven-resolver-provider-3.5.3.jar
maven-resolver-spi-1.7.3.jar
maven-resolver-transport-file-1.7.3.jar
maven-resolver-transport-http-1.7.3.jar
maven-resolver-transport-wagon-1.7.3.jar
maven-resolver-util-1.7.3.jar
messages-model-6.8.9.jar
messages-model-spring-support-6.8.9.jar
metadata-extractor-2.18.0.jar
micrometer-core-1.9.12.jar
micrometer-registry-prometheus-1.9.12.jar
mockito-core-4.5.1.jar
mockito-junit-jupiter-4.5.1.jar
mongodb-driver-core-4.6.1.jar
mongodb-driver-sync-4.6.1.jar
multitenant-core-6.8.9.jar
multitenant-spring-web-6.8.9.jar
netflix-commons-util-0.3.0.jar
netflix-statistics-0.1.1.jar
netty-buffer-4.1.91.Final.jar
netty-codec-4.1.91.Final.jar
netty-codec-dns-4.1.91.Final.jar
netty-codec-http-4.1.91.Final.jar
netty-codec-http2-4.1.91.Final.jar
netty-codec-socks-4.1.91.Final.jar
netty-common-4.1.91.Final.jar
netty-handler-4.1.91.Final.jar
netty-handler-proxy-4.1.91.Final.jar
netty-incubator-codec-classes-quic-0.0.45.Final.jar
netty-incubator-codec-native-quic-0.0.45.Final-linux-x86_64.jar
netty-resolver-4.1.91.Final.jar
netty-resolver-dns-4.1.91.Final.jar
netty-resolver-dns-classes-macos-4.1.91.Final.jar
netty-resolver-dns-native-macos-4.1.91.Final-osx-x86_64.jar
netty-transport-4.1.91.Final.jar
netty-transport-classes-epoll-4.1.91.Final.jar
netty-transport-native-epoll-4.1.91.Final-linux-x86_64.jar
netty-transport-native-unix-common-4.1.91.Final.jar
objenesis-3.2.jar
oidc-client-2.9.7.jar
opencsv-2.3.jar
opentest4j-1.2.0.jar
org.eclipse.wst.xml.xpath2.processor-2.1.100.jar
parso-2.0.14.jar
pdfbox-2.0.26.jar
pdfbox-debugger-2.0.26.jar
pdfbox-tools-2.0.26.jar
pendo-utils-6.0.0.jar
plexus-component-annotations-1.7.1.jar
plexus-interpolation-1.24.jar
plexus-utils-3.1.0.jar
poi-5.2.1.jar
poi-ooxml-5.2.1.jar
poi-ooxml-lite-5.2.1.jar
poi-scratchpad-5.2.2.jar
precis-0.1.0.jar
prefixmapper-2.174.jar
re2j-1.2.jar
reactive-streams-1.0.4.jar
reactor-core-1.0.1.RELEASE.jar
reactor-core-3.4.30.jar
reactor-extra-3.4.8.jar
reactor-netty-1.0.33.jar
reactor-netty-core-1.0.33.jar
reactor-netty-http-1.0.33.jar
reactor-netty-http-brave-1.0.33.jar
reactor-netty-incubator-quic-0.0.22.jar
reactor-spring-1.0.1.RELEASE.jar
reflections-0.10.2.jar
resttemplate-connector-11.2.0.jar
ribbon-2.3.0.jar
ribbon-core-2.3.0.jar
ribbon-httpclient-2.3.0.jar
ribbon-loadbalancer-2.3.0.jar
ribbon-transport-2.3.0.jar
rome-1.18.0.jar
rome-utils-1.18.0.jar
rxjava-1.3.8.jar
rxjava-reactive-streams-1.2.1.jar
rxnetty-0.4.9.jar
rxnetty-contexts-0.4.9.jar
rxnetty-servo-0.4.9.jar
s3-content-service-6.8.9.jar
s3-storage-wagon-2.3.jar
scim-client-2.9.7.jar
scim-common-2.9.7.jar
security-logging-common-1.1.6.jar
security-logging-logback-1.1.6.jar
servo-core-0.7.2.jar
si-quantity-2.1.jar
si-units-2.1.jar
simpleclient-0.15.0.jar
simpleclient_caffeine-0.8.0.jar
simpleclient_common-0.15.0.jar
simpleclienttracercommon-0.15.0.jar
simpleclienttracerotel-0.15.0.jar
simpleclienttracerotel_agent-0.15.0.jar
slf4j-api-1.7.36.jar
smiley-http-proxy-servlet-1.12.jar
snakeyaml-1.33.jar
snappy-java-1.1.8.4.jar
SparseBitSet-1.2.jar
spring-aop-5.3.28.jar
spring-beans-5.3.28.jar
spring-boot-2.7.13.jar
spring-boot-actuator-2.7.13.jar
spring-boot-actuator-autoconfigure-2.7.13.jar
spring-boot-autoconfigure-2.7.13.jar
spring-boot-configuration-processor-2.7.13.jar
spring-boot-starter-2.7.13.jar
spring-boot-starter-actuator-2.7.13.jar
spring-boot-starter-aop-2.7.13.jar
spring-boot-starter-cache-2.7.13.jar
spring-boot-starter-data-mongodb-2.7.13.jar
spring-boot-starter-data-redis-2.7.13.jar
spring-boot-starter-json-2.7.13.jar
spring-boot-starter-logging-2.7.13.jar
spring-boot-starter-reactor-netty-2.7.13.jar
spring-boot-starter-security-2.7.13.jar
spring-boot-starter-test-2.7.13.jar
spring-boot-starter-tomcat-2.7.13.jar
spring-boot-starter-validation-2.7.13.jar
spring-boot-starter-web-2.7.13.jar
spring-boot-starter-webflux-2.7.13.jar
spring-boot-test-2.7.13.jar
spring-boot-test-autoconfigure-2.7.13.jar
spring-cloud-aws-core-2.4.4.jar
spring-cloud-commons-3.1.5.jar
spring-cloud-context-3.1.5.jar
spring-cloud-function-context-3.2.6.jar
spring-cloud-function-core-3.2.8.jar
spring-cloud-netflix-archaius-2.2.10.RELEASE.jar
spring-cloud-netflix-hystrix-2.2.10.RELEASE.jar
spring-cloud-netflix-ribbon-2.2.10.RELEASE.jar
spring-cloud-netflix-zuul-2.2.10.RELEASE.jar
spring-cloud-security-2.2.5.RELEASE.jar
spring-cloud-sleuth-api-3.1.5.jar
spring-cloud-sleuth-autoconfigure-3.1.5.jar
spring-cloud-sleuth-brave-3.1.5.jar
spring-cloud-sleuth-instrumentation-3.1.5.jar
spring-cloud-sleuth-zipkin-3.1.5.jar
spring-cloud-starter-3.1.5.jar
spring-cloud-starter-netflix-archaius-2.2.10.RELEASE.jar
spring-cloud-starter-netflix-hystrix-2.2.10.RELEASE.jar
spring-cloud-starter-netflix-ribbon-2.2.10.RELEASE.jar
spring-cloud-starter-netflix-zuul-2.2.10.RELEASE.jar
spring-cloud-starter-oauth2-2.2.5.RELEASE.jar
spring-cloud-starter-security-2.2.5.RELEASE.jar
spring-cloud-starter-sleuth-3.1.5.jar
spring-cloud-starter-stream-kafka-3.2.6.jar
spring-cloud-starter-zipkin-2.1.6.RELEASE.jar
spring-cloud-stream-3.2.6.jar
spring-cloud-stream-binder-kafka-3.2.6.jar
spring-cloud-stream-binder-kafka-core-3.2.6.jar
spring-cloud-stream-schema-2.2.1.RELEASE.jar
spring-context-5.3.28.jar
spring-context-support-5.3.28.jar
spring-core-5.3.28.jar
spring-data-commons-2.7.13.jar
spring-data-keyvalue-2.7.13.jar
spring-data-mongodb-3.3.5.jar
spring-data-redis-2.7.13.jar
spring-expression-5.3.28.jar
spring-integration-core-5.5.18.jar
spring-integration-jmx-5.5.18.jar
spring-integration-kafka-5.5.18.jar
spring-jcl-5.3.28.jar
spring-kafka-2.8.11.jar
spring-messaging-5.3.28.jar
spring-oxm-5.3.28.jar
spring-plugin-core-2.0.0.RELEASE.jar
spring-plugin-metadata-2.0.0.RELEASE.jar
spring-retry-1.3.4.jar
spring-security-config-5.7.10.jar
spring-security-core-5.7.9.jar
spring-security-crypto-5.7.9.jar
spring-security-jwt-1.1.1.RELEASE.jar
spring-security-oauth2-2.5.2.RELEASE.jar
spring-security-oauth2-autoconfigure-2.6.8.jar
spring-security-oauth2-core-5.7.9.jar
spring-security-rsa-1.0.11.RELEASE.jar
spring-security-web-5.7.9.jar
spring-session-core-2.7.2.jar
spring-session-data-mongodb-2.7.2.jar
spring-session-data-redis-2.7.2.jar
spring-test-5.3.28.jar
spring-tx-5.3.28.jar
spring-web-5.3.28.jar
spring-webflux-5.3.28.jar
spring-webmvc-5.3.28.jar
springfox-bean-validators-3.0.0.jar
springfox-boot-starter-3.0.0.jar
springfox-core-3.0.0.jar
springfox-data-rest-3.0.0.jar
springfox-oas-3.0.0.jar
springfox-schema-3.0.0.jar
springfox-spi-3.0.0.jar
springfox-spring-web-3.0.0.jar
springfox-spring-webflux-3.0.0.jar
springfox-spring-webmvc-3.0.0.jar
springfox-swagger-common-3.0.0.jar
springfox-swagger-ui-3.0.0.jar
springfox-swagger2-3.0.0.jar
stream-2.7.0.jar
swagger-annotations-1.6.2.jar
swagger-annotations-2.1.2.jar
swagger-models-1.5.20.jar
swagger-models-2.1.2.jar
systems-common-2.1.jar
tagsoup-1.2.1.jar
tde-1.0.0.jar
tika-core-2.4.1.jar
tika-parser-apple-module-2.4.1.jar
tika-parser-audiovideo-module-2.4.1.jar
tika-parser-cad-module-2.4.1.jar
tika-parser-code-module-2.4.1.jar
tika-parser-crypto-module-2.4.1.jar
tika-parser-digest-commons-2.4.1.jar
tika-parser-font-module-2.4.1.jar
tika-parser-html-commons-2.4.1.jar
tika-parser-html-module-2.4.1.jar
tika-parser-image-module-2.4.1.jar
tika-parser-mail-commons-2.4.1.jar
tika-parser-mail-module-2.4.1.jar
tika-parser-microsoft-module-2.4.1.jar
tika-parser-miscoffice-module-2.4.1.jar
tika-parser-news-module-2.4.1.jar
tika-parser-ocr-module-2.4.1.jar
tika-parser-pdf-module-2.4.1.jar
tika-parser-pkg-module-2.4.1.jar
tika-parser-text-module-2.4.1.jar
tika-parser-webarchive-module-2.4.1.jar
tika-parser-xml-module-2.4.1.jar
tika-parser-xmp-commons-2.4.1.jar
tika-parser-zip-commons-2.4.1.jar
tika-parsers-standard-package-2.4.1.jar
tomcat-embed-core-9.0.76.jar
tomcat-embed-el-9.0.76.jar
tomcat-embed-websocket-9.0.76.jar
tools-1.8.0_362.jar
txw2-2.3.8.jar
typetools-0.6.2.jar
unit-api-2.1.2.jar
uom-lib-common-2.1.jar
utils-11.2.0.jar
validation-api-2.0.1.Final.jar
vorbis-java-core-0.8.jar
vorbis-java-tika-0.8.jar
wagon-provider-api-3.4.3.jar
xerces2-xsd11-2.11.1.jar
xercesImpl-2.12.2.jar
xlsx-streamer-2.1.0.jar
xml-apis-1.4.01.jar
xml-resolver-1.2.jar
xmlbeans-5.0.3.jar
xmlunit-core-2.9.1.jar
xmpbox-2.0.26.jar
xmpcore-6.1.11.jar
xz-1.9.jar
zipkin-2.23.2.jar
zipkin-reporter-2.16.3.jar
zipkin-reporter-brave-2.16.3.jar
zipkin-reporter-metrics-micrometer-2.16.3.jar
zipkin-sender-activemq-client-2.16.3.jar
zipkin-sender-amqp-client-2.16.3.jar
zipkin-sender-kafka-2.16.3.jar
zstd-jni-1.5.2-1.jar
zuul-core-1.3.1.jar

Did this page help you?

If you find any issues with this page or its content – a typo, a missing step, or a technical error – please let us know!

Leave your feedback here